---

{{ if .Vars.ubtu24cis_level_1 }}
  {{ if .Vars.ubtu24cis_rule_1_5_3 }}
command:
  core_dumps_limits:
    title: 1.5.3 | Ensure core dumps are restricted | security/limits.conf
    exit-status:
      or:
      - 0
      - 2
    exec: 'grep -E "\*.*hard.*core.*0" /etc/security/limits.conf /etc/security/limits.d/*'
    stdout:
    - '/^\/*.*\shard.*core.*0/'
    meta:
      server: 1
      workstation: 1
      CIS_ID:
      - 1.5.3
      CISv8: NA
      CISv8_IG1: NA
      CISv8_IG2: NA
      CISv8_IG3: NA
      Mitre_Techniques:
      - T1005
      - T1005.000
      Mitre_Tactics: TA0007
      Mitre_Mitigations: NA
  suid_dumpable_2:
    title: 1.5.3 | Ensure core dumps are restricted | sysctl.conf
    exit-status: 0
    exec: 'grep "fs\.suid_dumpable" /etc/sysctl.conf /etc/sysctl.d/*'
    stdout:
    - fs.suid_dumpable=0
    meta:
      server: 1
      workstation: 1
      CIS_ID:
      - 1.5.3
      CISv8: NA
      CISv8_IG1: NA
      CISv8_IG2: NA
      CISv8_IG3: NA
      NIST800-53R5: CM-6
kernel-param:
  fs.suid_dumpable:
    title: 1.5.3 | Ensure core dumps are restricted | kernel_sysctl
    value: '0'
    meta:
      server: 1
      workstation: 1
      CIS_ID:
      - 1.5.3
      CISv8: NA
      CISv8_IG1: NA
      CISv8_IG2: NA
      CISv8_IG3: NA
      NIST800-53R5: CM-6
service:
  coredump:
    title: 1.5.3 | Ensure core dumps are restricted | coredump service
    enabled: false
    running: false
    skip: false
    meta:
      server: 1
      workstation: 1
      CIS_ID:
      - 1.5.3
      CISv8: NA
      CISv8_IG1: NA
      CISv8_IG2: NA
      CISv8_IG3: NA
      NIST800-53R5: CM-6
file:
  coredump_restricted_conf:
    title: 1.5.3 | Ensure core dumps are restricted | coredump.conf
    exists: true
    path: /etc/systemd/coredump.conf
    contents:
    - '/^Storage=none/'
    - '/^ProcessSizeMax=0/'
    meta:
      server: 1
      workstation: 1
      CIS_ID:
      - 1.5.3
      CISv8: NA
      CISv8_IG1: NA
      CISv8_IG2: NA
      CISv8_IG3: NA
      NIST800-53R5: CM-6
  {{ end }}
{{ end }}